From patchwork Thu Oct 15 23:45:30 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ben Pfaff <blp@nicira.com>
X-Patchwork-Id: 530988
Return-Path: <dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from archives.nicira.com (li376-54.members.linode.com
	[96.126.127.54]) by ozlabs.org (Postfix) with ESMTP id 13EAB1402DD
	for <incoming@patchwork.ozlabs.org>;
	Fri, 16 Oct 2015 10:45:40 +1100 (AEDT)
Received: from archives.nicira.com (localhost [127.0.0.1])
	by archives.nicira.com (Postfix) with ESMTP id 2432210B5A;
	Thu, 15 Oct 2015 16:45:39 -0700 (PDT)
X-Original-To: dev@openvswitch.org
Delivered-To: dev@openvswitch.org
Received: from mx3v1.cudamail.com (mx3.cudamail.com [64.34.241.5])
	by archives.nicira.com (Postfix) with ESMTPS id 1094610B50
	for <dev@openvswitch.org>; Thu, 15 Oct 2015 16:45:38 -0700 (PDT)
Received: from bar3.cudamail.com (bar1 [192.168.15.1])
	by mx3v1.cudamail.com (Postfix) with ESMTP id 89273618083
	for <dev@openvswitch.org>; Thu, 15 Oct 2015 17:45:37 -0600 (MDT)
X-ASG-Debug-ID: 1444952736-03dd7b105e34fa0001-byXFYA
Received: from mx3-pf1.cudamail.com ([192.168.14.2]) by bar3.cudamail.com
	with
	ESMTP id UHC5xFRxVTjEB2nL (version=TLSv1 cipher=DHE-RSA-AES256-SHA
	bits=256 verify=NO) for <dev@openvswitch.org>;
	Thu, 15 Oct 2015 17:45:36 -0600 (MDT)
X-Barracuda-Envelope-From: blp@nicira.com
X-Barracuda-RBL-Trusted-Forwarder: 192.168.14.2
Received: from unknown (HELO mail-pa0-f53.google.com) (209.85.220.53)
	by mx3-pf1.cudamail.com with ESMTPS (RC4-SHA encrypted);
	15 Oct 2015 23:45:36 -0000
Received-SPF: unknown (mx3-pf1.cudamail.com: Multiple SPF records returned)
X-Barracuda-RBL-Trusted-Forwarder: 209.85.220.53
Received: by pacfv9 with SMTP id fv9so2843795pac.3
	for <dev@openvswitch.org>; Thu, 15 Oct 2015 16:45:36 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=hyT9UjUp1eVA7jBKDv/hkPV9OQfdZW2/y2hJZOD8z5s=;
	b=ZEHUran6pHWNryWAKrX7uL3sX7hwmRbqFF+l+zGtfohwDy/6mxSJRlotLJyMO9nabR
	aZKs5f9gpeRibpkCEDflpNPwwu1/m86w5G0rBIqevyL/jYf07KgJy7KIsMPKwqoG71pU
	dBizaIQlUdtflaoR537BVbDCh8VqToZZ02WueLoDFF+aQUeVnAby+6kzfpvjXfh00J3+
	OeZFgAMWli32xgUmVUa0ihe3D9CDSoiOxsTJgHu0ohkPSaZ2GheokS+GmGUTBpS5Z5/r
	Pydz0/CtkrSsv2sz/BbwVBn8oq/rWWWetm61OqQkf123NEJA1G4pIeWabAiO4lS1yG4n
	GjRA==
X-Gm-Message-State: 
 ALoCoQk3I9t2anBdjspq2kcRYf+lHV6EY0+KgT8GUjQqTNy08Fb2ivflH7sU5HCHCar5enxp34bL
X-Received: by 10.66.102.97 with SMTP id fn1mr12710713pab.97.1444952736163;
	Thu, 15 Oct 2015 16:45:36 -0700 (PDT)
Received: from sigabrt.benpfaff.org ([208.91.2.4])
	by smtp.gmail.com with ESMTPSA id
	gj10sm17454941pbc.68.2015.10.15.16.45.33
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Thu, 15 Oct 2015 16:45:34 -0700 (PDT)
X-CudaMail-Envelope-Sender: blp@nicira.com
X-Barracuda-Apparent-Source-IP: 208.91.2.4
From: Ben Pfaff <blp@nicira.com>
To: dev@openvswitch.org
X-CudaMail-Whitelist-To: dev@openvswitch.org
X-CudaMail-MID: CM-V1-1014081570
X-CudaMail-DTE: 101515
X-CudaMail-Originating-IP: 209.85.220.53
Date: Thu, 15 Oct 2015 16:45:30 -0700
X-ASG-Orig-Subj: [##CM-V1-1014081570##][PATCH] physical: Improve treatment of
	localnet non-VLAN logical ports.
Message-Id: <1444952730-6552-1-git-send-email-blp@nicira.com>
X-Mailer: git-send-email 2.1.3
X-Barracuda-Connect: UNKNOWN[192.168.14.2]
X-Barracuda-Start-Time: 1444952736
X-Barracuda-Encrypted: DHE-RSA-AES256-SHA
X-Barracuda-URL: https://web.cudamail.com:443/cgi-mod/mark.cgi
X-ASG-Whitelist: Header =?UTF-8?B?eFwtY3VkYW1haWxcLXdoaXRlbGlzdFwtdG8=?=
X-Virus-Scanned: by bsmtpd at cudamail.com
X-Barracuda-BRTS-Status: 1
Cc: Ben Pfaff <blp@nicira.com>
Subject: [ovs-dev] [PATCH] physical: Improve treatment of localnet non-VLAN
	logical ports.
X-BeenThere: dev@openvswitch.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: <dev.openvswitch.org>
List-Unsubscribe: <http://openvswitch.org/mailman/options/dev>,
	<mailto:dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://openvswitch.org/pipermail/dev>
List-Post: <mailto:dev@openvswitch.org>
List-Help: <mailto:dev-request@openvswitch.org?subject=help>
List-Subscribe: <http://openvswitch.org/mailman/listinfo/dev>,
	<mailto:dev-request@openvswitch.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: dev-bounces@openvswitch.org
Sender: "dev" <dev-bounces@openvswitch.org>

Until now, the flow table treated localnet logical ports that have a VLAN
quite differently from those that don't.  The ones without a VLAN were
essentially trunk ports: any packets that came in, that weren't picked off
by a localnet port with a VLAN, were passed to the ones without a VLAN.
This wasn't the intended behavior.

This commit changes behavior to the intended behavior.  Now, localnet ports
without a specific VLAN only receive packets without a VLAN header or those
with VLAN ID 0 (with that header stripped off).

Found by inspection.

Signed-off-by: Ben Pfaff <blp@nicira.com>
---
 ovn/controller/physical.c | 30 ++++++++++++++++++++----------
 1 file changed, 20 insertions(+), 10 deletions(-)

diff --git a/ovn/controller/physical.c b/ovn/controller/physical.c
index 0c239df..04b869c 100644
--- a/ovn/controller/physical.c
+++ b/ovn/controller/physical.c
@@ -637,15 +637,12 @@ physical_run(struct controller_ctx *ctx, enum mf_field_id mff_ovn_geneve,
     }
     hmap_destroy(&tunnels);
 
-    /* Table 0, Priority 150 and 100.
-     * ==============================
+    /* Table 0, Priority 100.
+     * ======================
      *
      * We have now determined the full set of port bindings associated with
      * each "localnet" network.  Only create flows for datapaths that have
      * another local binding.  Otherwise, we know it would just be dropped.
-     *
-     * Use priority 150 for inputs that match both the network and a VLAN tag.
-     * Use priority 100 for matching untagged traffic from the local network.
      */
     struct shash_node *ln_bindings_node, *ln_bindings_node_next;
     SHASH_FOR_EACH_SAFE (ln_bindings_node, ln_bindings_node_next,
@@ -658,14 +655,19 @@ physical_run(struct controller_ctx *ctx, enum mf_field_id mff_ovn_geneve,
             match_set_in_port(&match, ln_bindings->ofport);
             if (ln_vlan->tag) {
                 match_set_dl_vlan(&match, htons(ln_vlan->tag));
+            } else {
+                /* Match priority-tagged frames, e.g. VLAN ID 0.
+                 *
+                 * We'll add a second flow for frames that lack any 802.1Q
+                 * header later. */
+                match_set_dl_tci_masked(&match, htons(VLAN_CFI),
+                                        htons(VLAN_VID_MASK | VLAN_CFI));
             }
 
             struct ofpbuf ofpacts;
             ofpbuf_init(&ofpacts, 0);
 
-            if (ln_vlan->tag) {
-                ofpact_put_STRIP_VLAN(&ofpacts);
-            }
+            ofpact_put_STRIP_VLAN(&ofpacts);
             uint32_t ofpacts_orig_size = ofpacts.size;
 
             struct binding_elem *b;
@@ -686,8 +688,16 @@ physical_run(struct controller_ctx *ctx, enum mf_field_id mff_ovn_geneve,
             }
 
             if (ofpacts.size > ofpacts_orig_size) {
-                ofctrl_add_flow(flow_table, 0, ln_vlan->tag ? 150 : 100,
-                        &match, &ofpacts);
+                ofctrl_add_flow(flow_table, 0, 100, &match, &ofpacts);
+
+                if (!ln_vlan->tag) {
+                    /* Add a second flow for frames that lack any 802.1Q
+                     * header.  For these, drop the OFPACT_STRIP_VLAN
+                     * action. */
+                    ofpbuf_pull(&ofpacts, ofpacts_orig_size);
+                    match_set_dl_tci_masked(&match, 0, htons(VLAN_CFI));
+                    ofctrl_add_flow(flow_table, 0, 100, &match, &ofpacts);
+                }
             }
 
             ofpbuf_uninit(&ofpacts);